Clamav - exclude directories from scan.

Discussion in 'all things UNIX' started by Ocky, Jan 27, 2009.

Thread Status:
Not open for further replies.
  1. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    Ok you will say 'not required' - nevertheless I have just installed clamav on
    CentOS 5.2 (running in VB). Also clamtk the GUI frontend, which is not
    much use as it has no feature to exclude directories/files and doesn't run as root ( I am
    not keen on gksu in CentOS).

    Clamscan, run as root in terminal to scan '/ ' will always find 35 infected files in
    usr/share/doc/clamav-0.94.2/test. I was shocked, but then realised that these
    were all test files to see wherther clamav is recognising them, unpacking them
    etc.
    Obviously I would like to exclude this test directory from future scans. So far
    I have only been able to do this using the following command ( includes some
    other directories as well) :-

    clamscan -irv --exclude=/proc --exclude=/sys --exclude=/dev --exclude=/media --exclude=/mnt --exclude=/usr/share/doc/clamav-0.94.2/test

    Surely there must be a better command i.e. not repeating --exclude the whole time ?
    Ideally it would be nice to have an icon on the panel so that on clicking
    it, the scan with the above options will run.

    Any ideas off the cuff ? or would you all prefer me to google some more .. :argh:
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    How about you specify these directories in a file and then point the exclude to a file?
    Mrk
     
  3. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    Well on further reading, I have come to the conclusion that clamav can be as
    complicated to use as one wishes ad infinitum, what with cronjobs, dazuko,
    milter etc. All way beyond my beginners Linux capabilities.
    I know how to create a clamscan $EXCLUDES file (at least I think I do), but would
    not know where to place it and how exactly to reference it with the command line. Not to worry ( I must remember that AV is not necessary ! ).

    What I have done is created a launcher with the excludes previously mentioned.
    This works fine, but when done, the terminal disappears (why ?). So to get some output, (incl. the scan summary), that I can see, I added a --log=/path/to/virus_log option to the launcher command. This works and I can see the verbose output plus the scan summary.
    clamscan -irv --log=/home/user/clamav/virus_log --exclude=/proc --exclude=/sys --exclude=/dev --exclude=/media --exclude=/mnt --exclude=/usr/share/doc/clamav-0.94.2/test /

    My questions..

    1. The scan starts in / (the / after test), but I don't know whether I can/or how to
    add the option to run as root in the launcher command box.
    2.Any idea why the terminal disappears after scanning is completed ?

    PS. I do like the Gerald the Clam icon. :)
     
Loading...
Thread Status:
Not open for further replies.